CVE-2022-4515
ctags: arbitrary command execution via a tag file with a crafted filename
Severity Score
7.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags() in sort.c calls the system(3) function in an unsafe way.
Se encontró una falla en Exuberant Ctags en la forma en que maneja la opción "-o". Esta opción especifica el nombre del archivo de etiqueta. Un nombre de archivo de etiqueta modificado especificado en la línea de comando o en el archivo de configuración da como resultado la ejecución de un comando arbitrario porque externalSortTags() en sort.c llama a la función system(3) de manera insegura.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-12-15 CVE Reserved
- 2022-12-20 CVE Published
- 2024-07-12 EPSS Updated
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2022/12/msg00040.html | Mailing List |
|
| URL | Date | SRC |
|---|---|---|
| https://sourceforge.net/p/ctags/code/HEAD/tree/tags/ctags-5.8/sort.c#l56 | 2024-08-03 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2022-4515 | 2023-05-16 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2153519 | 2023-05-16 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Exuberant Ctags Project Search vendor "Exuberant Ctags Project" | Exuberant Ctags Search vendor "Exuberant Ctags Project" for product "Exuberant Ctags" | * | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0" | - |
Affected
| ||||||